Credit and debit cards used at three shoreline restaurants between June and August may have been compromised, according to Signature Systems, the point-of-sale vendor for the group.
According to Signature Systems, customers of Abate Apizza in East Haven, Abate Restaurant in New Haven and Springdale Pizza in Stamford may have been affected by a recent security breach involving Signature Systems and Jimmy Johns, an Illinois-based sandwich shop franchise.
The company reported that an "unauthorized person gained access" to Signature Systems log-in information to "remotely access POS systems."
"The unauthorized person used that access to install malware designed to capture payment card data from cards that were swiped through terminals in certain restaurants," Signature Systems said on its website. "The malware was capable of capturing the cardholder's name, card number, expiration date, and verification code from the magnetic stripe of the card."
A notification on the company's website said that while the company does not have a list of the credit/debit card accounts compromised and that Springdale Pizza, Abate Apizza and Abate Restaurant in New Haven were at risk between June and August.
Loretta Abate, who owns the two Abate eateries, said the restaurants have been using Signature Systems for six or seven years and have had problems with the database before.
The company rewired the Abates' system in the spring after they complained that it was being sluggish. Abate said she called Signature Systems in June when she noticed it was even slower than usual and was told the company was performing remote security upgrades as a precaution.
Local
According to Abate, the company did not elaborate and never let her know about the breach.
Fortunately, no customers have reported suspicious activity on their accounts despite the fact that 90 percent of business there is conducted using credit and debit cards..
Jibey Asthappan, director of National Security Studies at the University of New Haven, said smaller point-of-sale vendors must be more vigilant and is urging customers to check their bank statements for any fraudulent purchases.
“Not only do they need to step up the level of security, they need to step up the level of monitoring that needs to be done. You can collect all this information in server logs, but if no one is looking at the logs, no one knows that there's something going awry,” said Asthappa.
Using credit instead debit can serve as a safeguard, along with switching to new chip-and-pin credit cards, which encrypt your information, Asthappan said.
Signature Systems has not returned a request for comment.
The company recommends that customers of the affected restaurants review their credit/debit account statements and report any concerns about identity theft to the Federal Trade Commission at 1-877-438-4338. Other information on the data breach and tips on protecting yourself from identity theft are available on Signature System's website.
